Solved

Securing Remote Computers Accessing Office Computers Via Remote Web Workplace

Posted on 2012-03-12
3
943 Views
Last Modified: 2012-03-13
I have a client with a Windows SBS 2008 server that is providing access to the office computers, for those who have a computer in the office, and to the Windows 2008 Terminal Server, for those who do not have a computer in the office.

Some people have company laptops that they take home, some people work on compnay desktops at remote offices and some people work from home using their personal computers.

I am worried about the people working from home using their personal computers. My concern is that they can have or they could get a key logger malware app on their home computers that reports back the Remote Web Workplace URL, their usernames and their passwords. The Remote Web Workplace URL and the user’s login info would give the malware writer/operator access to the company’s data, not unlike how bank accounts and online gaming accounts often get cracked.

I am looking for a solution to secure access to the office network via Remote Web Workplace in such a way that I do not have to install any software on the home user’s personal computers.
0
Comment
Question by:wmtrader
3 Comments
 
LVL 25

Accepted Solution

by:
Tony1044 earned 500 total points
Comment Utility
The simplest solution here I think would be two-factor authentication.

This gives your users a token of some kind and is based around something that they know (their password and maybe a PIN they append to their token code) and something they have - i.e. a physical token of some kind.

There are physical solutions, such as the SafeWord products (I've had a preference for these over the years, as they tend to be cheaper than say RSA, don't die like some [some have a 'death date' after whichthey stop functioning] and can be more easily integrated into the infrastructure for just some users).

Other alternatives include SMS based options whereby a one time use code is sent to a users registered mobile phone.

Either kind of mechanism will negate keyloggers' because the end point log won't include anything useful about the 2nd one-time-use factor.
0
 
LVL 56

Expert Comment

by:Cliff Galiher
Comment Utility
I agree that two-factor authentication would mitigate your concern. However, many two-factor mechanisms don't work well with RWW because of how that feature is designed, I recommend RWWGuard from Scorpionsoft.  Written by a Microsoft Security MVP, designed for RWW/RWA, and a large SBS support base, it has a lot of traction in the marketplace.

-Cliff
0
 

Author Closing Comment

by:wmtrader
Comment Utility
I went with the two-factor authentication and I found 2 solutions that work with Win SBS 2011 RWW that I'll be testing, SafeWord from SafeNet Inc and AuthAnvil from Scorpion Software.
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

You cannot be 100% sure that you can protect your organization against crypto ransomware but you can lower down the risk and impact of the infection.
Article by: btan
Provide an easy one stop to quickly get the relevant information on common asked question on Ransomware in Expert Exchange.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now